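# Sign-in / sign-out endpoints.
#
# The +authorize+ before-filter is skipped for every action in this
# controller (no :only/:except is given), so all three actions are reachable
# without an authenticated session.
class SessionsController < ApplicationController
  skip_before_filter :authorize

  # Sends a visitor who is already signed in (per +signined?+, which is not
  # defined in this class) to the documents index; otherwise the action falls
  # through to Rails' default rendering of the sign-in view.
  def new
    redirect_to documents_path if signined?
  end

  # Checks the submitted credentials with +User.signin+ and, on success,
  # establishes the authenticated session.
  #
  # Reads params[:account] and params[:password]; writes session[:user_id]
  # and session[:role].
  #
  # NOTE(review): no attempt limiting is visible in this action; confirm that
  # throttling or lockout is enforced in User.signin or in front of the app.
  def create
    user = User.signin params[:account], params[:password]
    if user.present?
      # Session fixation defence: drop the pre-login session so a session
      # identifier that was known before authentication is never promoted
      # to an authenticated one.
      reset_session
      session[:user_id] = user.id
      # NOTE(review): the role is copied into the session at login, so a
      # later role change or account disable is presumably not seen until
      # the next sign-in; confirm whether +authorize+ re-reads the user.
      session[:role] = user.type
      redirect_to documents_path
    else
      # Message text: "Account does not exist or password is wrong, please
      # retry". The same wording covers both failure causes, so the response
      # does not reveal whether the account exists.
      flash[:error] = '账号不存在或密码错误，请重试'
      redirect_to signin_path
    end
  end

  # Signs out by discarding the whole session, then returns to the sign-in
  # page.
  def destroy
    reset_session
    redirect_to signin_path
  end
end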
